Vulnerability Management Specialist

Job Title: Vulnerability Management Specialist (AWS & Wiz)

Client: HPE

Number of Positions: 3

Location: India, remote (candidate has to be local to Bangalore, no relo)

Duration: 6+ months

Position Overview

• We are seeking a skilled Vulnerability Management Specialist with hands-on experience in AWS environments and Wiz (cloud security posture management).
• The ideal candidate will be responsible for identifying, assessing, and remediating vulnerabilities across our cloud infrastructure, ensuring compliance with security best practices, and collaborating with cross-functional teams to strengthen our security posture.

Key Responsibilities

• Lead and manage vulnerability management processes for AWS-hosted environments.
• Use Wiz to continuously monitor, identify, and prioritize vulnerabilities across cloud workloads, applications, and configurations.
• Perform regular vulnerability scans, risk assessments, and reporting.
• Partner with DevOps, Cloud Engineering, and Application teams to drive remediation and patching efforts.
• Maintain an inventory of assets and ensure alignment with security baselines.
• Track emerging threats, zero-day vulnerabilities, and recommend mitigation strategies.
• Support security audits, compliance efforts (e.g., ISO, SOC 2), and risk assessments.
• Develop and deliver metrics/dashboards on vulnerability status and remediation progress.

Required Skills & Qualifications

• 36 years of experience in cybersecurity, vulnerability management, or cloud security.
• Strong hands-on experience with AWS services (IAM, EC2, S3, Lambda, CloudTrail, etc.).
• Practical experience with Wiz or similar Cloud Security Posture Management (CSPM) tools.
• Solid understanding of vulnerability scanning, patch management, and remediation processes.
• Familiarity with common security standards (NIST, CIS Benchmarks, OWASP).
• Strong collaboration and communication skills to work with technical and non-technical teams.

Preferred Qualifications

• AWS Security Specialty or Solutions Architect certification.
• Knowledge of container security (EKS, Kubernetes, Docker).
• Experience with scripting/automation (Python, Bash, Terraform).
• Exposure to SIEM tools and incident response practices.